steve/restic-manager
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases 1 Wiki Activity

http: session/login reject disabled users; mid-session disable kicks immediately

Browse Source
This commit is contained in:
Steve Cliff
2026-05-05 09:22:07 +01:00
parent c1e974aad9
commit cbdd94ca12
4 changed files with 60 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/server/http/auth.go
+3
View File
@@ -59,6 +59,9 @@ func (s *Server) authenticateAndSession(w stdhttp.ResponseWriter, r *stdhttp.Req
if err := auth.VerifyPassword(u.PasswordHash, password); err != nil {
return nil, errInvalidCredentials
}
if u.DisabledAt != nil {
return nil, errInvalidCredentials
}
token, err := auth.NewToken()
if err != nil {